Tech-invite3GPPspaceIETF RFCsSIP

Content for  TS 21.133  Word version:  4.1.0

Top   Top   None   None   Next
1…   5…   6…   7…   8…   A…


1  ScopeWord‑p. 6

This specification takes notice of the Security Principles and Objectives as set out in [1]. It contains an evaluation of perceived threats to 3GPP and produces subsequently a list of security requirements to address these threats.
As teleservices and applications will not, in general, be standardised, it is difficult to predict their exact nature. Therefore, this specification considers all security threats and aims at listing generic security requirements that shall be applicable irrespective of the actual services offered. The list of threats and requirements may however need to be updated as the 3GPP system evolves.
The threat analysis performed relies to a large extent on previous experiences with 2G systems, in particular GSM, and takes into account known problems from that area.
The security requirements listed in this specification shall be used as input for the choice of security features and the design of the 3GPP security architecture as specified in [2].
The structure of this technical specification is as follows:
  • clause 2 lists the references used in this specification;
  • clause 3 lists the definitions and abbreviations used in this specification;
  • clause 4 contains a reference to the general objectives for 3G security;
  • clause 5 contains an overview of the context in which the security architecture of 3G is designed;
  • clause 6 contains a list of identified security threats to 3G, and gives some results from the threat analyses that have been performed;
  • clause 7 contains an overview of the risk assessment resulting from the threat analyses performed
  • clause 8 contains the resulting list of security requirements for 3G and indicates how these requirements relate to the threats and the security objectives .
Finally, Annex A gives some more detailed information on threats and risks connected to so called false base station attacks.

2  References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
TS 33.120: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Security Principles and Objectives".
TS 33.102: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Security Architecture".
Baseline documents:
  • 3GPP s3-99003: UMTS 33.21, version 2.0.0: "Security requirements".
  • 3GPP s3-99016: ARIB, Requirements and Objectives for 3G Mobile Services and System, Annex 8 - Security Design Principles.
  • ETSI SMG10 99C019: Countermeasures to active attacks on the radio access link.
ETSI ETR 332: "Security Techniques Advisory Group; Security requirements capture".
ETSI ETR 331: "Definition of user Requirements for lawful interception of telecommunications; Requirements of the law enforcement agencies".
ISO 7498-2: "Information processing systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture".
ISO/IEC 10181-2: "Information Technology - Open Systems Interconnection - Security Frameworks in Open Systems".
ISO/IEC 11770-1: "Information Technology - Security Techniques - Key Management, Part 1: Key Management Framework".
UMTS 22.00: "Universal Mobile Telecommunications System (UMTS): UMTS Phase 1".
UMTS 22.01: "Universal Mobile Telecommunications System (UMTS): Service aspects; service principles".
UMTS 22.21: "Universal Mobile Telecommunications System (UMTS): Virtual Home Environment".
UMTS 23.01: "Universal Mobile Telecommunications System (UMTS): General UMTS Architecture".
UMTS 30.01: "Universal Mobile Telecommunications System (UMTS): UMTS Baseline Document; Positions on UMTS agreed by SMG".
UMTS 33.20: "Universal Mobile Telecommunications System (UMTS): Security Principles".
TR 21.905: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Vocabulary for 3GPP Specifications".

3  Definitions and AbbreviationsWord‑p. 7

3.1  Definitions

For the purposes of the present document, the following definitions apply:
Access Control:
The prevention of unauthorised use of a resource, including the prevention of use of a resource in an unauthorised manner [5].
The provision of assurance of the claimed identity of an entity [6].
The process of changing the identity of one entity to that of an entity of the same type, so that there are two entities of the same type with the same identity.
The property of information that it has not been disclosed to unauthorised parties.
The property of information that it has not been changed by unauthorised parties.
Key Management:
The administration and use of the generation, registration, certification, deregistration, distribution, installation, storage, archiving, revocation, derivation and destruction of keying material in accordance with a security policy [7].
Law Enforcement Agency (LEA):
An organisation authorised by a lawful authorisation, based on a national law, to receive the results of telecommunication interceptions [4].
Lawful Authorisation:
Permission granted to an LEA under certain conditions to intercept specified telecommunications and requiring co-operation for a network operator or service provider. Typically this refers to a warrant or order issued by a lawfully authorised body [4].
Lawful Interception:
The action (based on the law), performed by a network operator or service provider, of making available certain information and providing that information to a Law Enforcement Monitoring Facility [4].
Non-Repudiation Service:
A security service which counters the threat of repudiation.
Denial by one of the parties involved in a communication of having participated in all or part of the communication [5].

3.2  AbbreviationsWord‑p. 8

For the purposes of the present document, the following abbreviations apply:
Global System for Mobile communications
Home Environment
International Mobile Equipment Identity
International Mobile Telecommunications-2000
International Mobile User Identity
Internet Protocol
Integrated Services Digital Network
International Telecommunications Union
Narrowband ISDN
Personal Identification Number
Public Switched Telephone Network
Subscriber Identity Module
Serving Network
Time Division - Code Division Multiple Access
Telecommunications Management Network
Universal Integrated Circuit Card
Universal Mobile Telecommunication System
Universal Personal Telecommunication
User Services Identity Module
UMTS Terrestrial Radio Access Network
Virtual Home Environment
Wideband - Code Division Multiple Access

4  General objectives for 3G security features

The general objectives for 3G security features have been stated as [1]:
  1. to ensure that information generated by or relating to a user is adequately protected against misuse or misappropriation;
  2. to ensure that the resources and services provided by serving networks and home environments are adequately protected against misuse or misappropriation;
  3. to ensure that the security features standardised are compatible with world-wide availability (There shall be at least one ciphering algorithm that can be exported on a world-wide basis (in accordance with the Wassenaar agreement));
  4. to ensure that the security features are adequately standardised to ensure world-wide interoperability and roaming between different serving networks;
  5. to ensure that the level of protection afforded to users and providers of services is better than that provided in contemporary fixed and mobile networks;
  6. to ensure that the implementation of 3G security features and mechanisms can be extended and enhanced as required by new threats and services.
Furthermore it has been agreed that the basic security features employed in 2G systems will be retained, or where needed enhanced. These include:
  • subscriber authentication,
  • radio interface encryption,
  • subscriber identity confidentiality,
  • use of removable subscriber module,
  • secure application layer channel between subscriber module and home network,
  • transparency of security features,
  • minimised need for trust between HE and SN.
In some instances, 3G will need to be equipped with stronger or more flexible security mechanisms than those which were designed for GSM, due to new or increased threats. These will be treated in the threat analysis.
Mechanisms to combating fraud in roaming situations should be included in the 3G specifications from the start.
Mechanisms for lawful interception under authorisation should be included in 3G specifications from the start.

Up   Top   ToC